W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Semantics of HTTPS

From: Willy Tarreau <w@1wt.eu>
Date: Tue, 7 Aug 2012 09:37:46 +0200
To: Yoav Nir <ynir@checkpoint.com>
Cc: "Adrien W. de Croy" <adrien@qbik.com>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <20120807073746.GJ7647@1wt.eu>
Hi Yoav,

On Tue, Aug 07, 2012 at 10:30:04AM +0300, Yoav Nir wrote:
> Best we can do is something along the lines of "Your traffic to
> "www.mybank.com" is being decrypted an inspected by "sslproxy.example.com".
> Is this OK?"
> 
> Do you think this allows a user to make an informed decision? Usability
> studies suggest that the user will click on whatever button makes him get to
> www.mybank.com, without thinking about the implications. This may or may not
> be the correct decision, but changing browser UI to fit security geeks does
> not necessarily make sense.

Precisely having the proxy take care of TLS could improve the situation a lot.
The proxy would simply refuse to connect to improperly configured sites and
the client would not be able to do anything about this, except try to pass
using the CONNECT method if it's whitelisted in the proxy.

The client would only have the proxy's cert and the browser could be
configured to always refuse to connect to an invalid proxy instead of
prompting the user.

So in the end, we would significantly improve end-user security by enforcing
security where it matters and where people can make informed decisions, and
leaving the user with less hesitation caused by warnings he doesn't understand.

Regards,
Willy
Received on Tuesday, 7 August 2012 07:38:32 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 7 August 2012 07:38:38 GMT